package cn.tedu.jdbc;
//SQL注入

import java.sql.*;
import java.util.Scanner;

//SQL注入
public class login {


    public static void main(String[] args) throws ClassNotFoundException, SQLException {

        try{
            Class.forName("com.mysql.cj.jdbc.Driver");
            String url = "jdbc:mysql://localhost:3306/gdb2109";
            Connection con = DriverManager.getConnection(url, "root", "root");
            Statement st = con.createStatement();
            System.out.println("请输入用户名：");
            String user = new Scanner(System.in).nextLine();
            System.out.println("请输入密码：");
            String pwd = new Scanner(System.in).nextLine();
            String sql = "select * from user2 where name='"+user+"'and password='"+pwd+"'";
            ResultSet rs = st.executeQuery(sql);
            if(rs.next()){
                System.out.println("登录成功");
            }else{
                System.out.println("登录失败");
            }
            rs.close();
            st.close();
            con.close();
        }catch (Exception e){
            e.printStackTrace();
            System.out.println("执行失败");
        }


    }
}
